I'm working on setting up an SSH key on a VM. I needed to create a .ssh directory at the root: mkdir .ssh. Right away, the directory has contents:
drwxr-xr-x. 2 myusername folder 6 Jun 20 19:51 .
drwxr-xr-x. 15 myusername folder 4096 Jun 20 19:51 ..
Just for learning purposes, what are the contents of the .ssh directory I just made?
None - . points to the current directory and .. points to the upper directory.
Related
I have a proxmox server so under debian, and I want to mount a remote directory from my Nas Synologies to make backups.
I normally use ssh mounts without any problem.
But this time I have an error that I have never encountered, I can create files, but not delete them.
I find this very strange and I don't see where this can come from
root#proxmox:/mnt/# sshfs user#192.168.0.1:home/data /mnt/dist-folder/ -o reconnect,
ServerAliveInterval=60,ServerAliveCountMax=30,allow_other,
default_permissions,uid=0,gid=0,umask=007
root#proxmox:/mnt# cd dist-folder/
root#proxmox:/mnt/dist-folder# touch aa.txt
root#proxmox:/mnt/dist-folder# ls -la
total 12
drwxrwx--- 1 root root 114 Mar 13 09:53 .
drwxr-xr-x 7 root root 4096 Mar 13 09:37 ..
-rwxrwx--- 1 root root 0 Mar 13 09:53 aa.txt
root#proxmox:/mnt/dist-folder# rm aa.txt
rm: cannot remove 'aa.txt': Permission denied
With uid=0,gid=0 for root user and group
Thanks
This is finally a problem specific to synology.
For the assembly of the file it is absolutely necessary to respect the path by starting with
/homes/<user>home/
So it's give
sshfs user#192.168.0.1:/homes/proxmox/home/data /mnt/dist-folder/
And it's works fine !
It's not the first time that I have an abnormal configuration for this synology tool... AGrrrr
I'm setting up a new website on a new Ubuntu droplet at Digital Ocean. I set this up previously on a different droplet and rsynced the website contents to it. I followed directions I found on the web, but didn't keep detailed-enough notes. I'm just trying to replicate this on the new Droplet. But I've messed up somehow. My knowledge of permissions, etc. is rudimentary :-(
My server has: /var/www/html
This is what I did:
• sudo usermod -a -G www-data [myusername]
• sudo chown -R www-data:www-data /var/www
• sudo chmod -R g+rw /var/www
• sudo chmod -R g+rws /var/www
I then created “/var/www/howardmann.us/public_html” for my website.
(I didn't put the public_html directory in var/www/html. I didn't on my other Droplet. Perhaps I should.)
sudo ls -la /var/www
total 16
drwxrwsr-x 4 www-data www-data 4096 Feb 25 15:43 .
drwxr-xr-x 14 root root 4096 Feb 24 14:27 ..
drwxr-sr-x 3 root www-data 4096 Feb 25 15:43 howardmann.us
drwxrwsr-x 2 www-data www-data 4096 Feb 25 15:42 html
sudo ls -la /var/www/howardmann.us/public_html
total 8
drwxr-sr-x 2 root www-data 4096 Feb 25 15:43 .
drwxr-sr-x 3 root www-data 4096 Feb 25 15:43 ..
Now, excerpts of rsync script (successful to my other Droplet) result from my laptop now:
1.
howardm$ ./deploy.sh
sending incremental file list
rsync: failed to set times on "/var/www/howardmann.us/public_html/.": Operation not permitted (1)
rsync: recv_generator: mkdir "/var/www/howardmann.us/public_html/css" failed: Permission denied (13)
* Skipping any contents from this failed directory *
3.
rsync: mkstemp "/var/www/howardmann.us/public_html/.DS_Store.8zaaQg" failed: Permission denied (13)
Question: How do I fix ownership and permissions on the server directories for 1) proper permissions for a website and 2) permit a rsync deploy?
For comparison, here is the status of my current working web site on the other Droplet:
howardm#howardmann:~$ ls -la /var/www/
total 20
drwxrwxr-x 5 howardm www-data 4096 Mar 5 2016 .
drwxr-xr-x 13 root root 4096 Mar 28 2015 ..
drwxrwxr-x 4 howardm www-data 4096 Jun 8 2016 howardmann.us
drwxrwxr-x 2 howardm www-data 4096 Mar 29 2015 html
Thanks!
Howard
Well, I fixed this after reading some more about permissions for a website.
My website folder is titled howardmann.us, which contains a public_html folder with the website contents.
So: /var/www/howardmann.us/public_html. (/var/www also contains a html directory)
I achieved the relevant ownership/permissions with:
sudo chown -R howardm:www-data /var/www/
I'm the owner, and www-data the group.
sudo usermod -a -G www-data [myusersername]
I'm a member of the www-data group
sudo chmod -R 2775 /var/www/
This yields the proper permissions, I believe for a web site.
I made sure the same owner:group applied to all these directories:
ls -l /var/www
total 8
drwxr-sr-x 3 howardm www-data 4096 Feb 26 19:23 howardmann.us
drwxrwsr-x 2 howardm www-data 4096 Feb 25 15:42 html
ls -l /var/www/howardmann.us
total 4
drwxr-xr-x 11 howardm www-data 4096 Feb 5 2017 public_html
Now rsync works without errors.
If anyone believes these ownership/permissions for a website are (substantially) improper, please comment.
Howard
I'm using Docker to run an Apache instance. My docker file goes something like this:
FROM ubuntu
MAINTAINER your.face#gmail.com
RUN cat /etc/passwd
RUN cat /etc/group
RUN apt-get update && apt-get install -yq apache2 php5 libapache2-mod-php5 php5-mysql
RUN apt-get install -yq openssh-server
RUN mkdir /var/run/sshd
ENV APACHE_RUN_USER www-data
ENV APACHE_RUN_GROUP www-data
ENV APACHE_LOG_DIR /var/log/apache2
EXPOSE 80
ADD config/apache2/000-default.conf /etc/apache2/sites-available/000-default.conf
ADD config/php5/php.ini /etc/php5/apache2/php.ini
ADD config/start.sh /tmp/start.sh
ADD src /var/www
RUN chown -R root:www-data /var/www
RUN chmod u+rwx,g+rx,o+rx /var/www
RUN find /var/www -type d -exec chmod u+rwx,g+rx,o+rx {} +
RUN find /var/www -type f -exec chmod u+rw,g+rw,o+r {} +
#essentially: CMD ["/usr/sbin/apache2ctl", "-D", "FOREGROUND"]
CMD ["/tmp/start.sh"]
However, when I build the container and run it, I only ever get 403 errors.
Notice that I've specified that Apache should run as www-data in www-data group, and that /var/www has been recursively chownd to belong to root:www-data.
Also, all directories are searchable and readable, and all files are readable and writeable by the www-data group (well, according to ls -la and namei -m they are anyways).
How do I fix these permissions issues? I cant figure it out.
Actual error from the Apache error.log:
[Fri May 23 18:33:27.663087 2014] [core:error] [pid 14] (13)Permission denied: [client 11.11.11.11:61689] AH00035: access to /index.php denied (filesystem path '/var/www/index.php') because search permissions are missing on a component of the path
EDIT:
output of ls -laR /var/www at the end of the Dockerfile:
Step 21 : RUN ls -laR /var/www
---> Running in 74fd3609dfc8
/var/www:
total 1036
drwxr-xr-x 67 root www-data 4096 May 23 18:38 .
drwxr-xr-x 26 root root 4096 May 23 18:38 ..
-rw-rw-r-- 1 root www-data 28 May 23 12:22 .gitignore
-rw-rw-r-- 1 root www-data 501 May 23 12:22 .htaccess
-rw-rw-r-- 1 root www-data 7566 May 23 12:22 index.php
Output of namei -m /var/www/index.php at the end of the Dockerfile:
Step 22 : RUN namei -m /var/www/index.php
---> Running in 1203f0353090
f: /var/www/index.php
drwxr-xr-x /
drwxr-xr-x var
drwxr-xr-x www
-rw-rw-r-- index.php
EDIT2
After trying a whole bunch of things, including chmod -R 777 just to see if I could get anything to work, I tried putting the source files added from the Dockerfile into /var/www/html, the default location for Apache files to be served.
I matched the default file permissions exactly (I think), and it still isn't working. The default index.html that comes with Apache loads just fine, but the added src folder still have a 403 access denied error.
I changed the Dockerfile to ADD src /var/www/html/src and the permissions were set using:
RUN find /var/www/html -type d -exec chmod u+rwx,g+rx,o+rx {} +
RUN find /var/www/html -type f -exec chmod u+rw,g+r,o+r {} +
No luck. Below is some of the output of ls -laR on /var/www. Notice that the permissions for the html folder and index.html that come with an apache2 install match those of the added src folder:
Step 19 : RUN ls -laR /var/www/
---> Running in 0520950d0426
/var/www/:
total 12
drwxr-xr-x 6 root root 4096 May 23 19:23 .
drwxr-xr-x 24 root root 4096 May 23 19:23 ..
drwxr-xr-x 5 root root 4096 May 23 19:23 html
/var/www/html:
total 24
drwxr-xr-x 5 root root 4096 May 23 19:23 .
drwxr-xr-x 6 root root 4096 May 23 19:23 ..
-rw-r--r-- 1 root root 11510 May 23 18:28 index.html
drwxr-xr-x 47 root root 4096 May 23 19:23 src
/var/www/html/src:
total 1032
drwxr-xr-x 47 root root 4096 May 23 19:23 .
drwxr-xr-x 5 root root 4096 May 23 19:23 ..
-rw-r--r-- 1 root root 28 May 23 12:22 .gitignore
-rw-r--r-- 1 root root 501 May 23 12:22 .htaccess
-rw-r--r-- 1 root root 7566 May 23 12:22 index.php
Perhaps chmod doesn't work quite the way I thought it does??
EDIT3
A final bit of information. The Docker container is being built by buildbot, which I've been assuming runs as root. I haven't been able to reproduce this scenario without using buildbot to do the building.
Building everything via sudo docker build -t apache . type commands on my laptop works fine, but the problems arise when buildbot does it. No idea why :^/
I just ran into this after posting a similar question at Running app inside Docker as non-root user.
My guess is you can't chmod/ chown files that were added via the ADD command. – thom_nic Jun 19 at 14:14
Actually you can. You just need to issue a a RUN command after the ADD for the file location that will be INSIDE your container. For example
ADD extras/dockerstart.sh /usr/local/servicemix/bin/
RUN chmod 755 /usr/local/bin/dockerstart.sh
Hope that helps. It worked for me.
I encountered a similar issue; however my container was using VOLUME to map directories across the container.
Changing the permissions on the directory that maps to /var/www/html itself remedied the 403 Forbidden errors.
docker-host$ ls -ld /var/www/html
drwxr--r-- 53 me staff 1802 Mar 8 22:33 .
docker-host$ chmod a+x /var/www/html
docker-host$ ls -ld /var/www/html
drwxr-xr-x 53 me staff 1802 Mar 8 22:33 .
Note that chmod must be applied on the Docker host, not within the container. Executing it within the container effects no change to the directory.
docker-container$ chmod a+x /var/www/html
docker-container$ ls -ld /var/www/html
drwxr--r-- 53 me staff 1802 Mar 8 22:33 .
I need to change permissions of files in my /media/MAVEN/Projects
MAVEN is my windows disk partition.
The permissions on the Projects folder are:
:/media/MAVEN/Projects$ ls -la
\total 340
drwxrwxrwx 1 root root 12288 Oct 6 21:31 .
drwxrwxrwx 1 root root 32768 Oct 9 06:32 ..
all the projects are set to drwxrwxrwx
I need to change them to 755 so I tried:
~$ sudo chmod 755 -R /media/MAVEN/Projects
But I get errors: ...Read-only file system
The result of ls -la /media/MAVEN/Projects remains the same.
Help me resolve this.
Problem solved. I found out that I was using a package that was mounting my disk as read only. Its called pysdm I disabled that feature.
I'm having issues with getting Apache working with my virtualhosts, and I've narrowed it down to the fact that I'm adding manually-created virtual hosts (vs. the others which are created by a python script). When I run:
ls -l
I get this:
-rw-r--r-- 1 root wheel 772 May 10 17:53 host1.com
-rw-r--r-- 1 root wheel 766 May 10 17:53 host2.com
-rw-r--r--# 1 myname wheel 914 Mar 28 14:24 host3.com
-rw-r--r-- 1 root wheel 3897 May 10 17:53 host4.com
-rw-r--r-- 1 root wheel 5240 May 10 17:53 host5.com
-rw-r--r-- 1 root wheel 4037 May 10 17:53 host6.com
I'm not sure what the "#" refers to, but that manually-created file my username as the owner instead of root. When I view the file info in OS X (Finder), I see that permissions for most of the files show "system" has Read & Write access, but my manually-created vh file shows that I (my username) has Read & Write access.
Can someone tell me how to set the permissions for "system" or "root" in Terminal? I do have superuser access.
You can change the ownership of a file in terminal by using
sudo chown owner:group filepath
Or in your case
sudo chown root:wheel filepath
Additionally, you can change the permissions of a file by using chmod
The # indicates that there are extended attributes. You can use the command xattr to have a look at them
You can set the owner with chown